Thank you, Chair. I join my colleagues in welcoming the Auditor General and his team today. A lot of work has gone into these reports and we look forward to good productivity coming out of them as we present our reports to Parliament.

Auditor General, if I may I'd like to focus on chapter 5 on information technology investments with the CBSA. I wonder if you could explain this for my benefit. Early on in your report you talk about the project portfolio management framework in 5.10 and some of the strengths and weakness relative to that. Then you talk about the project management framework that was established back in 2012. Could you explain the difference in the two structures? Do you have that information handy?

In chapter 5.10 your report speaks to the project portfolio management framework, which was developed in December 2013. Prior to that, in 5.20, you talk about the project management framework that was developed in 2012. I wonder if you could explain to us the difference, or similarities perhaps, of the two entities.

Yes. The obvious difference, and it's an important difference, is that one of them contains the word “portfolio”. The one mentioned in 5.20 developed in 2012 was a project management framework, so a framework for managing individual projects.

In 5.10 we're talking about a project portfolio management framework, or how you have that view of all of the projects, the whole portfolio of projects that are going on at one time.

It's one thing and is a good practice to have a framework to manage individual projects, but then from an organizational point of view you need a way to manage your portfolio of projects that are all going on at the same time.

I have to be honest with you, I've had to read the report several times to capture all the various elements to it. For CBSA, this is a very large project, a series of projects. The budget is $1 billion, so it's very important that it be managed effectively. I understand the difference in the two, and it's complex. I can't imagine the complexity that goes into developing the appropriate security and risk management. I'll come to that in a minute.

Your report found that CBSA has the necessary corporate and management practices to deliver on IT investments. I wonder if you could expand on how the project management framework has helped to ensure that taxpayer dollars destined for IT projects of this magnitude are spent appropriately?

There are, perhaps, a couple of things I want to deal with in terms of your question.

Certainly, having a project management framework and a project portfolio management framework, the two of those in place, is very important to make sure that projects are delivering on their intended results, making sure there's an understanding of the benefits that would come from projects, making sure that they're going to be delivered on budget, and making sure they're going to be delivered on time, or making sure there can be appropriate adjustments along the way.

We were very happy with the framework that had been put in place in the agency and the fact that it was comprehensive. Our concern, again, was that it wasn't at this point in time always being applied in the management and the oversight of the projects.

You mentioned the fact that with this type of an audit sometimes you have to read it very carefully to understand it. I think that's true whenever you're looking at information technology. Information technology is a complex business.

You know, I mentioned in my opening statement the importance of dealing with these issues now so they don't become bigger problems in the future. I think this is a good example. They have a good framework. Right now their projects seem to be in a place that they can get them delivered. They need to make sure they're applying that framework so that we're not coming back here in four years' time talking about one of these projects because we've done an audit and found problems. The framework is important.

I understand that trying to get through an audit like this and understanding exactly what it's about can be difficult. It's very important that organizations, particularly like this one with $1 billion worth of IT projects, have all of the oversight to make sure that all of those projects are being delivered as they're supposed to be.

I will start with the health care issue in the north. I would like to draw your attention to paragraph 4.55. You said you had requested documents, but they were not provided to you. At issue was the cost of nine facilities. You wanted to know whether those facilities met the applicable building code requirements. In paragraph 4.55, you say that the information was not provided to you or was partially provided. You also received documents that did not pertain to the questions you asked.

What we were provided with were the certificates of substantial completion, again, for five of the nine facilities.

We were asking for some sort of indication about whether those facilities had met the applicable building code requirements. They didn't have anything where they had gone in directly and assessed the building code requirements specifically to see if they had been met; instead, what they had were certificates of substantial completion.

It wasn't a question that they didn't provide us with something that we asked for; it was a case that they hadn't done all of those assessments. They gave us the certificates of substantial completion, which is what they were using as their way of assessing whether the buildings had been built as specified.

You asked them to provide you with a certificate to prove that the building code requirements had been met. You clearly indicate in the two bullet points that you did not obtain answers to the questions you asked them and that you were not provided with the documents you requested. That's what it says in paragraph 4.55.

The Auditor General is right. We asked for evidence to show us that these buildings were indeed built according to code. The department uses these certificates of substantial completion. They were able to show us the certificates for five of the nine facilities, and for four they didn't have them. That's one issue.

The issue with the certificates of completion themselves, in our view, and the department agreed, is that they don't explicitly state whether the buildings were in accordance with code. The department has agreed to clarify going forward to make sure that these documents now explicitly state whether they meet code.

I would like to discuss paragraph 4.4 of the same chapter, regarding health-related problems. You have consulted a number of documents, so you must also know that one of the problems identified has to do with undernourishment and poorly developed children. That also comes up later, when you talk about the coordination of health services among jurisdictions. In terms of coordination among jurisdictions, do you also make sure that people in remote regions are receiving enough food?

I don't know whether you have looked at Health Canada's document according to which the rate of food insecurity is about 36% in Nunavut.

Does coordination among jurisdictions also apply to ensuring that people have enough food, so that their health is not jeopardised?

The audit was not an audit of availability of nutrition and food, that type of thing. The audit was essentially about the direct nursing services and the transportation benefits that Health Canada provides to residents of the first nations. Certainly we identified early in the audit the fact that there are many health challenges for the residents of the first nations: higher rates of chronic and infectious disease, mental health and substance abuse issues, unsafe drinking water, so many different issues that are relative to those first nations. The audit wasn't about access to food or malnutrition, it was about the services that are being provided at the nursing stations or the availability of transportation benefits to residents of those remote first nations.

I'm going to focus on chapter 1, Antimicrobial Resistance. Looking at the full report, in section 1.31 it states there was an attempt to develop a pan-Canadian strategy, but consensus was not achieved. In fact, you stated in your report that the Public Health Agency of Canada:

...discussed areas for collaboration with its public health counterparts in the provinces and territories, but did not achieve consensus to pursue the development of a pan-Canadian strategy.

Does the federal government have the authority to enforce this strategy, to force the provinces to achieve consensus? Why wasn't consensus achieved? Do we have an understanding of who didn't agree and how we would make things different in order to achieve that consensus to develop the strategy?

I think certainly simply the use of the word “consensus” points to the fact that people have to come to the table: the provinces, territories, federal government, federal organizations have to come together to agree on that strategy. I think that's central. But the mandate of the Public Health Agency is to provide leadership on these public health issues that reach across the country. We have identified in the course of the audit that there were many different times when the agency tried to work with partners to get to a strategy, but hasn't succeeded in doing that. As I said, and repeated a little earlier, there wasn't any provincial or territorial consensus on what the role of the agency should be. I think the first step is very much getting to the point of: what is the role that the agency can play in helping treat this as a national issue?

It appears as an interim step that the agency did develop a federal framework so that they could deal with trying to move things through from the federal level, where they did have jurisdiction. It would seem to me that the development of a federal framework was a good interim step while they worked toward reaching consensus. Would you agree with that?

It was a step, certainly. Again, when you look at the World Health Organization saying that there needs to be a national strategy, and that would include things like in paragraph 26:

...reduce antimicrobial use in humans and animals, improve surveillance of antimicrobial resistance and antimicrobial use, strengthen measures to prevent the emergence and spread of drug-resistant infections, and stimulate research and innovation.

The strategy needs to deal with all those things. My concern is—and it's why I emphasize this in the opening statement and I've said it a couple of times—we've been 18 years without a national strategy, identifying it's a priority. To try to help reduce at least, or maybe prevent further proliferation of this problem, we need to get to having a national strategy that deals with all these issues. I'm not sure that interim steps right now are what are needed. I think getting to that national strategy is what's needed.

...it is likely that the development of a pan-Canadian strategy will take many years, given that, according to the Agency, such a strategy requires the cooperation of all levels of government and sectors.

Given the difficulty of reaching that, you obviously recognize the complexity of developing this national strategy if you're going on record saying in your opinion it's likely that it's going to take many years.

We have a number of recommendations in the audit, but the primary one is to get together all of the partners, or at least as many as possible, to coordinate what the national approach is going to be and try to get to that national strategy. The biggest hurdle that needs to be overcome is making sure that this is understood as a priority across all jurisdictions, not just the Public Health Agency saying it's a priority. Once that priority is understood, then the timeframe we have laid out could be shortened.